| The subject researches the trusted computing architecture, authentication protocols and the security mechanism of Linux and so on, proposes a user login authentication and application authorization framework based on Linux and accomplishes the whole system finally.The thesis focuses on the message format, database management, installation, configuration and interface functions of the Kerberos System and the LDAP System. Kerberos and Needham-Schroeder protocols based on TPM are improved. Finally, based on the framework proposed, the Kerberos System is implemented. Therefore the user can be authenticated when log in and the web server also can be authenticated; the OpenLDAP System is implemented, with the SASL mechanism, the OpenLDAP System combined with the Kerberos System is implemented. Based on above work, the authorized access to some web servers by the mechanism of the OpenLDAP access control is implemented. The user can accomplish the authentication and authorization through the client application program interface.The system is used in the practice on the teaching of information security as a part of the information security practice platform for innovation, and it could be used for OA in government to protect the local area network security. |
PDF Full Text Request